From: "Jason A. Donenfeld"
To: linux-kernel@vger.kernel.org, netdev@vger.kernel.org, davem@davemloft.net
Cc: "Jason A. Donenfeld"
Subject: [PATCH v2 00/17] WireGuard: Secure Network Tunnel
Date: Fri, 24 Aug 2018 15:38:32 -0600
Message-Id: <20180824213849.23647-1-Jason@zx2c4.com>

This patchset is available on git.kernel.org in this branch, where it may
be pulled directly for inclusion into net-next:

  * https://git.kernel.org/pub/scm/linux/kernel/git/zx2c4/linux.git/log/?h=jd/wireguard

WireGuard is a secure network tunnel written especially for Linux, which
has faced around three years of serious development, deployment, and
scrutiny. It delivers excellent performance and is extremely easy to use
and configure. It has been designed with the primary goal of being both
easy to audit by virtue of being small and highly secure from a
cryptography and systems security perspective. WireGuard is used by some
massive companies pushing enormous amounts of traffic, and likely already
today you've consumed bytes that at some point transited through a
WireGuard tunnel. Even as an out-of-tree module, WireGuard has been
integrated into various userspace tools, Linux distributions, mobile
phones, and data centers. There are ports in several languages to several
operating systems, and even commercial hardware and services sold
integrating WireGuard. It is time, therefore, for WireGuard to be properly
integrated into Linux.

Ample information, including documentation, installation instructions,
and project details, is available at:

  * https://www.wireguard.com/
  * https://www.wireguard.com/papers/wireguard.pdf

As it is currently an out-of-tree module, it lives in its own git repo
and has its own mailing list, and every commit for the module is tested
against every stable kernel since 3.10 on a variety of architectures
using an extensive test suite:

  * https://git.zx2c4.com/WireGuard
    https://git.kernel.org/pub/scm/linux/kernel/git/zx2c4/WireGuard.git/
  * https://lists.zx2c4.com/mailman/listinfo/wireguard
  * https://www.wireguard.com/build-status/

The project has been broadly discussed at conferences, and was presented
to the Netdev developers in Seoul last November, where a paper was
released detailing some interesting aspects of the project. Dave asked me
after the talk if I would consider sending in a v1 "sooner rather than
later", hence this patchset. A decision is still waiting from the LPC
network track committee, but an update on these topics may be presented
in Vancouver in a few months. Presentations:

  * https://www.wireguard.com/presentations/
  * https://www.wireguard.com/papers/wireguard-netdev22.pdf

The cryptography in the protocol itself has been formally verified by
several independent academic teams with positive results, and I know of
two additional efforts on their way to further corroborate those
findings. The version 1 protocol is "complete", and so the purpose of
this review is to assess the implementation of the protocol. However, it
still may be of interest to know that the thing you're reviewing uses a
protocol with various nice security properties:

  * https://www.wireguard.com/formal-verification/

This patchset is divided into three segments. The first introduces a very
simple helper for working with the FPU state for the purposes of
amortizing SIMD operations.
The second segment is a small collection of cryptographic primitives,
split up into several commits by primitive and by hardware. The third is
WireGuard itself, presented as an unintrusive and self-contained virtual
network driver.

It is intended that this entire patch series enter the kernel through
DaveM's net-next tree.

Changes v1->v2:
  - Zinc has been split into multiple patches.
  - Zinc has been split into multiple config options.
  - WireGuard has been wrapped at 80 characters.
  - Numerous cleanups inside WireGuard.
  - Splitting out the simd helper into linux/.
  - Simplification of bitwise arithmetic inside some Zinc primitives.
  - Better handling of unaligned buffers inside Zinc.
  - Expanded CC list.

Enjoy,
Jason